Prior art authentication systems frequently rely on passwords as a way of verifying a user's identity. In general, these password authentication systems rely on Static passwords or Dynamic passwords. In some instances, Biometrics authentication is used in-lieu of a password system.
Static passwords are predefined alpha-numeric sequences that are selected prior to the initiation of an authentication event or transaction. Static passwords by their very nature do not change between transactions which results in well known security deficiencies. However, in spite of these known security deficiencies, Static password authentication systems are widely used because there are readily available, cost effective alternatives.
Dynamic password systems sometimes referred to as one-time password systems are known to those of ordinary skill in the art. Dynamic password systems are characterized by the password used to authenticate transactions being changed regularly and not remaining constant.
However, Dynamic password systems have several known deficiencies. First, a separate encryption system may be required to secure one or more transactions after authentication. Second, memorization is often required to use prior art authentication devices/systems which often rely on algorithms and/or pattern forming methods to generate a dynamic password. Pins, algorithms, and procedure memorization are often required for the user to properly generate and enter the appropriate Dynamic password. The complexity of some algorithms and procedures may make it difficult for users to use such password authentication systems. Third, Dynamic password systems require that the user and the authentication system are synchronized. As a result, it is not possible for the user to enter the correct Dynamic password if synchronization between the user and the authentication system is lost. Fourth, calculations required to validate the Dynamic password during authentication are computationally intensive. Further, the rejection of incorrectly entered passwords is particularly computationally intensive. Fifth, any hardware device used as part of the authentication system will require a power source (e.g., a battery), an initialization time, and a resynchronization time. Sixth, the authentication system may be provided by a third party (e.g., a third party provided authentication server) thereby further increasing the cost of using a Dynamic password authentication system. Seventh, authentication devices used as part of a Dynamic password authentication system may require graphical user interfaces and the provision of individual authentication devices to each user thereby driving up the cost associated with the deployment of such systems. Eighth, in instances where a pre-printed list of one-time passwords is used, the user and service provider between which a transaction is taking place must keep track of the order in which to use a particular password. This is a cumbersome method which requires frequent replacement of the pre-printed list.
Some Dynamic password systems rely on Random Partial Pattern Recognition principles. These authentication systems use an authentication device having a graphical user interface that relies on a user using patterns to identify the correct alpha-numeric units, listed in an ordered set of data fields, of the password. Such authentication systems may not be readily adaptable for use with devices (e.g., cameras, mobile devices, etc . . . ) that do not have a graphical user interface. Also, these authentication systems may require the use of a third party system to secure a transaction.
Biometric authentication relies on human characteristics as a form of identification. While biometrics characteristics may be completely unique to each person they fail to offer as many unique combinations as are available through the use of an eight-character password. Further, a separate system may be required to secure transactions following authentication of the user. Biometric authentication systems are expensive and require specialized software and hardware for their use. Biometric identifier data is frequently generated from unique characteristics of the user which are not easily changed (e.g., finger prints). If the biometric identifier data is stolen the user may never again be able to securely use the stolen biometric identifier data.
In general, the prior art authentication systems routinely rely on a separate or third party encryption systems to secure the transaction after authentication has taken place. These prior art authentication systems fail to provide a system or method of ongoing authentication of the user, the service provider and/or the individual objects (e.g., a single email, data packet, file, etc . . . ) being exchanged during a session that relies on the use of a plurality of passwords. Further, many of the prior art authentication systems operate on the premise that once authenticated access has been achieved further authentication (or re-authentication) is not required to authenticate actions (e.g., the exchange of objects) taken by the user on a service providers system. In this way, these prior art authentication systems may be unable to prevent unauthorized access by third parties.